<?php
class Download{
	
	public static function check_id($id){	
			$sql_query = mysql_query("Select valid,date FROM ".DATABASE_TABLE_ID." WHERE id_generate = '".$id."'");
			while ($query = mysql_fetch_array($sql_query)){
				if($query['valid'] == "1"){
					if( ($query['date']+60*60*24) >= time() ){
						return true;
					}
					else{
						return false;
					}
				}
				else{
					return false;
				}
			}
			
	}
	
	public static function file_generate_header($id){
		//$id = $this->d_id;
		$sql_query = mysql_query("Select film,user,server from ".DATABASE_TABLE_ID." WHERE id_generate = '".$id."' ORDER BY `id` ASC");
			while ($query = mysql_fetch_array($sql_query)){
				$file=$query['film'];
				$user=$query['user'];
				$server=$query['server'];
			}
		
		if (! Download::check_id($id)){
			add_log("MAUVAIS ID (tentative de hack)",$server,$user);
			print "Bad id";
			exit();
		}	
			
		$file2=File::file_to_path($file);
		if ($file2 == false){
			print "Bad name of file<br />";
			print $file;
			exit();
		}
		
		//gener header
		header("Pragma: public");                                                // vider le cache du navigateur
        header("Expires: 0");                                                    // ...
        header("Cache-Control:");                                                // ...
        header("Cache-Control: public");                                         // ... 
        header("Content-Description: File Transfer");    
		header('Content-Disposition: attachment; filename="'.$file.'";');
		header('Content-type:application/force-download');
		header("Content-Transfer-Encoding: binary");                             // methode du transfert  
        header("Content-Length: ".filesize($file2)."");                          // taille de téléchargement	
	
		$fp = fopen($file2, "r");
		while (!feof($fp))	{
		    echo fread($fp, 65536);
		    flush(); // this is essential for large downloads
		}
		fclose($fp);
		add_log("Fin du dl de ".$file,$server,$user);
    	mysql_query("UPDATE ".DATABASE_TABLE_ID." SET `valid` = '0' WHERE id_generate = '".$id."' ");
		exit();
	
	}
	
	public static function id_generate(){
		$string = "";
		$chaine = "abcdefghijklmnpqrstuvwxy0123456789";
		for ($i=0;$i<30;$i++){
			$nb = rand(0,strlen($chaine)-1);
			$string = $string.substr($chaine,$nb,1);
		}
		return $string;
	}
	
	public static function md5_to_file($md5){
		$file_array=unserialize(Folder::array_folder());
		for ($i=0;$i<count($file_array);$i++){
			if (md5(mysql_escape_string($file_array[$i][3]))==$md5){
				return $file_array[$i][0];
			}
		}
		print "invalide file";exit;
	}
	
	
	public static function register_id($md5,$user,$server){
		$id = Download::id_generate();
		$film = Download::md5_to_file($md5);
		mysql_query("INSERT INTO ".DATABASE_TABLE_ID."(id_generate,film,date,user,server,valid) 
					VALUES('$id', '".mysql_escape_string($film)."','".time()."','".mysql_escape_string($user)."','".mysql_escape_string($server)."',1)");
    	add_log("Gener ID pour ".mysql_escape_string($film),$server,$user);
		return $id;
	}
}

?>